Re: [exim] dbm vs net-iplsearch for mixed ip/range lists?

Góra strony
Delete this message
Reply to this message
Autor: Stephen Gran
Data:  
Dla: exim-users
Temat: Re: [exim] dbm vs net-iplsearch for mixed ip/range lists?
On Sun, Sep 25, 2005 at 12:13:22PM -0700, OpenMacNews said:
> hi all,
>
> i'm migrating my exim.conf from lsearch to 'dbm' lookups.
>
> i've read abt, and easily converted most of my list lookups.
>
> i've an additional list, 'ipnets.blacklist', containing a *MIX* of ip
> addresses, masked ip ranges, and comments, e.g.:
>
>     W.X.Y.Z/16      # AOL Dynamic DialUps
>     A.A.A.128       # mother in law
>     A.B.C.D/20      # the government

>
> with prior help from this list, i use it successfully with net-iplsearch to
> drop on connect from these addresses/ranges:
>
>     hostlist     blacklist_ipnets  = net-iplsearch;LISTS/ipnets.blacklist

>
>     acl_check_connect:
>         ...
>         drop     message           = BLACKLISTED
>                  hosts             = +blacklist_ipnets
>         ...

>
> but, i've not (yet) found an example of dbm usage for mixed-type lists, as
> above.


As has already been noted, it's a single exact key match.

> any example/reference would be appreciated ....


You'll need to use a script that I had to use in the bad old days of
sendmail - the access database for sendmail also only took single IP's,
but it was too much work to maintain a list like that. Grab this
script:
http://www.megacity.org/software_downloads/cidrexpand

and do a 2 pass run over your file - first convert it with the abve
script and then build the db.

HTH,
--
--------------------------------------------------------------------------
|  Stephen Gran                  | Nothing ever becomes real till it is    |
|  steve@???             | experienced -- even a proverb is no     |
|  http://www.lobefin.net/~steve | proverb to you till your life has       |
|                       | illustrated it.  -- John Keats          |

--------------------------------------------------------------------------